One-click OpenStack deployment with Ansible (two nodes)


1. Settings for the three virtual machines

ansible

Memory    2GB
Processors    4
Hard disk    40GB
CD/DVD ISO    centos1804
Network adapter    Host-only mode
Display    Auto-detect

controller

Memory    5.3GB
Processors    4
Hard disk    100GB
CD/DVD ISO    centos1804
Network adapter    Host-only mode
Network adapter    NAT mode
Display    Auto-detect

compute

Memory    5.3GB
Processors    4
Hard disk    100GB
Hard disk 2    100GB
CD/DVD ISO    centos1804
Network adapter    Host-only mode
Network adapter    NAT mode
Display    Auto-detect

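The password must be 000000

2. Configure networking, hostnames and name resolution on the three virtual machines

Use the 192.168.100.0 network segment
Hostnames: ansible, controller, compute
Name resolution (must be configured on all three machines):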

[root@ansible ansible]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.100.128  ansible    
192.168.100.130  controller
192.168.100.129  compute
[root@ansible ansible]# 

3. Install ansible and configure passwordless login

Upload ansible.tar.gz and extract it

[root@ansible ansible]# cd /opt/
[root@ansible opt]# ls
ansible  ansible.tar.gz  CentOS-7-x86_64-DVD-1804.iso  chinaskills_cloud_iaas.iso  rh
[root@ansible opt]# 
[root@ansible opt]# tar -xzvf ansible.tar.gz -C ./

Configure the yum repository and install ansible
Configure the inventory (host list)

[root@ansible ansible]# cat hosts 
controller
compute

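Configure ansible
1. Do not check host keys
2. The hosts inventory and the roles are in the current directory
3. The remote user is root
Generate a key with ssh-keygen
Use ssh-copy-id so that ansible can log in to compute and controller without a password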
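
The three settings and the key distribution above, written out as a script; this is an added example, not from the original post. The names ./hosts and ./roles follow item 2, while the ed25519 key path and the pin_host_keys alternative are assumptions.

```shell
#!/usr/bin/env bash
# Added example: items 1-3 as an ansible.cfg, then key distribution.
# Assumed names: ./hosts, ./roles, $HOME/.ssh/id_ed25519.

write_ansible_cfg() {      # $1 = project directory (the post uses the cwd)
    cat > "$1/ansible.cfg" <<'EOF'
[defaults]
inventory = ./hosts
roles_path = ./roles
remote_user = root
# Item 1 of the post. With this off, ssh accepts whatever host key a node
# presents, so it only fits an isolated lab network.
host_key_checking = False
EOF
}

# Stricter alternative to item 1: record each node's host key once, then
# leave host_key_checking at its default (True).
pin_host_keys() {          # $@ = node names
    mkdir -p "$HOME/.ssh"
    ssh-keyscan -H "$@" >> "$HOME/.ssh/known_hosts"
}

distribute_key() {         # $@ = node names
    local h key="$HOME/.ssh/id_ed25519"
    [ -f "$key" ] || ssh-keygen -t ed25519 -N '' -f "$key"
    for h in "$@"; do
        ssh-copy-id -i "$key.pub" "root@$h"    # asks for the root password once
    done
}

# Run with "setup" as the first argument on the ansible node.
if [ "${1:-}" = "setup" ]; then
    write_ansible_cfg . && distribute_key controller compute && ansible all -m ping
fi
```
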

4. Upload the iaas image and the centos1804 image to the ansible node; ansible then sends the files to the managed nodes

Upload the images from Windows cmd

scp  CentOS-7-x86_64-DVD-1804.iso  root@192.168.100.128:/opt

scp  chinaskills_cloud_iaas.iso  root@192.168.100.128:/opt

ansible copies the files to the managed nodes

ansible  all  -m copy -a 'src=/opt/chinaskills_cloud_iaas.iso  dest=/opt/'  &&  ansible  all  -m copy  -a  'src=/opt/CentOS-7-x86_64-DVD-1804.iso  dest=/opt/'

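5. Initialization with ansible-playbook

Controller
(1). Mount the images and copy their files to /opt/iaas and /opt/centos
(2). Configure the yum repositories
(3). Install vsftpd, start the service and share the /opt directory
Compute
(1). Configure the ftp yum repositories
(2). Partition sdb
Controller/Compute
(1). Stop the firewall and disable it at boot
(2). Disable selinux permanently
(3). Install xiandian

Generate the init role
ansible-galaxy init roles/init

Write the playbook openstack_start.yml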

- hosts: all
  roles:
    - init

Write the init role

- name: if
  block:
      - name: centos
        file: 
            state: directory
            name: /opt/centos
        
        
      - name: mountchinaskills
        mount:
            path: /media
            src: /opt/chinaskills_cloud_iaas.iso
            state: mounted
            fstype: iso9660
        
      - name: mv
        shell: "cp -rvf /media/*  /opt/"
        
      - name: umount
        mount:
            path: /media
            state: unmounted
            fstype: iso9660
        
        
      - name: mountcentos
        mount:
            path: /media
            src: /opt/CentOS-7-x86_64-DVD-1804.iso 
            state: mounted
            fstype: iso9660
        
      - name: mv
        shell: "cp -rvf /media/*  /opt/centos"
        
      - name: umount
        mount:
            path: /media
            state: unmounted
            fstype: iso9660
        
      - name: mv yum_all
        shell: "mv /etc/yum.repos.d/*  /tmp"
        
      - name: yumrepo
        yum_repository:   
            name: centos
            description: centos repo
            file: local
            baseurl: file:///opt/centos
            gpgcheck: no
            enabled: yes
      - name: yumrepo2
        yum_repository:
            name: iaas
            description: iaas repo
            file: local
            baseurl: file:///opt/iaas-repo
            gpgcheck: no
            enabled: yes
        
      - name: installvsftpd
        yum:
            name: vsftpd
            state: present
      - name: share
        # anon_root=/opt makes everything under /opt readable over anonymous FTP
        shell: 'sed -i "1ianon_root=/opt" /etc/vsftpd/vsftpd.conf'
    
      - name: vsftpdstart
        systemd:
                name: vsftpd
                state: restarted
                enabled: yes

      - name: input
        debug:
                msg: "controller is already"
  when: ansible_hostname == 'controller'         
- name: if2
  block: 
    
      - name: mv yum_all
        shell: "mv /etc/yum.repos.d/*  /tmp"
    
      - name: yumcompute
        yum_repository:
                name: iaas
                description: iaas repo
                file: local
                baseurl: ftp://192.168.100.130/iaas-repo
                gpgcheck: no
                enabled: yes

      - name: yumcompute2
        yum_repository:
            name: centos
            description: centos repo
            file: local
            baseurl: ftp://192.168.100.130/centos
            gpgcheck: no
            enabled: yes
      - name: part
        parted:
                device: /dev/sdb
                number: 1
                state: present
                part_end: 40GiB
      - name: part
        parted:
                device: /dev/sdb
                number: 2
                state: present
                part_start: 42GiB
                part_end: 92GiB

    
      - name: input
        debug:
                msg: "compute is already"

  when: ansible_hostname == 'compute'


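- name: down firewalld
  systemd:
    name: firewalld
    state: stopped
    enabled: no
# Two separate tasks: a task can carry only one shell key, and with two of
# them only the last one is used.
- name: setenforce 0
  shell: setenforce 0
- name: disable selinux permanently
  shell: 'sed  -i "s/SELINUX=enforcing/SELINUX=disabled/g"  /etc/selinux/config'
- name: install
  yum:
    name: iaas-xiandian
    state: present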

ansible-playbook openstack_start.yml
Run the playbook

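6. Write a Jinja2 template to render the openrc.sh file

(1). Create the jinja2 role

ansible-galaxy  init  roles/jinja2

(2). Install iaas-xiandian on the Ansible control node and turn openrc.sh into a template file
openrc.sh must be copied into the templates directory of the jinja2 role
Note: configure yum to use the controller's ftp repository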

[root@ansible templates]# cp /etc/xiandian/openrc.sh ./openrc.sh.j2
[root@ansible templates]# ls
openrc.sh.j2

(3). Remove the # in front of the variable lines

sed -i 's/^#//g' openrc.sh.j2 

(4). Fill in the variables

#--------------------system Config--------------------##
#Controller Server Manager IP. example:x.x.x.x
HOST_IP={{controller_ip}}

#Controller HOST Password. example:000000 
HOST_PASS={{PASSWD}}

#Controller Server hostname. example:controller
HOST_NAME={{controller_name}}

#Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE={{compute_ip}}

#Compute HOST Password. example:000000 
HOST_PASS_NODE={{PASSWD}}

#Compute Node hostname. example:compute
HOST_NAME_NODE={{compute_name}}

#--------------------Chrony Config-------------------##
#Controller network segment IP.  example:x.x.0.0/16(x.x.x.0/24)
network_segment_IP={{network_segment_IP}}/24

#--------------------Rabbit Config ------------------##
#user for rabbit. example:openstack
RABBIT_USER=openstack

#Password for rabbit user .example:000000
RABBIT_PASS={{PASSWD}}

#--------------------MySQL Config---------------------##
#Password for MySQL root user . exmaple:000000
DB_PASS={{PASSWD}}

#--------------------Keystone Config------------------##
#Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=demo
ADMIN_PASS={{PASSWD}}
DEMO_PASS={{PASSWD}}

#Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS={{PASSWD}}

#--------------------Glance Config--------------------##
#Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS={{PASSWD}}

#Password for Keystore glance user. exmaple:000000
GLANCE_PASS={{PASSWD}}

#--------------------Nova Config----------------------##
#Password for Mysql nova user. exmaple:000000
NOVA_DBPASS={{PASSWD}}

#Password for Keystore nova user. exmaple:000000
NOVA_PASS={{PASSWD}}

#--------------------Neturon Config-------------------##
#Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS={{PASSWD}}

#Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS={{PASSWD}}

#metadata secret for neutron. exmaple:000000
METADATA_SECRET={{PASSWD}}

#Tunnel Network Interface. example:x.x.x.x
{% if ansible_hostname == 'controller' %}
INTERFACE_IP={{controller_ip}}
{% elif ansible_hostname == 'compute' %}
INTERFACE_IP={{compute_ip}}
{% endif %}

#External Network Interface. example:eth1
INTERFACE_NAME={{External_Network}}

#External Network The Physical Adapter. example:provider
Physical_NAME={{Physical_NAME}}

#First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=101

#Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=200

#--------------------Cinder Config--------------------##
#Password for Mysql cinder user. exmaple:000000
CINDER_DBPASS={{PASSWD}}

#Password for Keystore cinder user. exmaple:000000
CINDER_PASS={{PASSWD}}

#Cinder Block Disk. example:md126p3
BLOCK_DISK={{cinder_disk}}

#--------------------Swift Config---------------------##
#Password for Keystore swift user. exmaple:000000
SWIFT_PASS={{PASSWD}}

#The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK={{swift_disk}}

#The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP={{STORAGE_LOCAL_NET_IP}}

#--------------------Heat Config----------------------##
#Password for Mysql heat user. exmaple:000000
HEAT_DBPASS={{PASSWD}}

#Password for Keystore heat user. exmaple:000000
HEAT_PASS={{PASSWD}}

#--------------------Zun Config-----------------------##
#Password for Mysql Zun user. exmaple:000000
ZUN_DBPASS={{PASSWD}}

#Password for Keystore Zun user. exmaple:000000
ZUN_PASS={{PASSWD}}

#Password for Mysql Kuryr user. exmaple:000000
KURYR_DBPASS={{PASSWD}}
                                                                        
#Password for Keystore Kuryr user. exmaple:000000
KURYR_PASS={{PASSWD}}

#--------------------Ceilometer Config----------------##
#Password for Gnocchi ceilometer user. exmaple:000000
CEILOMETER_DBPASS={{PASSWD}}

#Password for Keystore ceilometer user. exmaple:000000
CEILOMETER_PASS={{PASSWD}}

#--------------------AODH Config----------------##
#Password for Mysql AODH user. exmaple:000000
AODH_DBPASS={{PASSWD}}

#Password for Keystore AODH user. exmaple:000000
AODH_PASS={{PASSWD}}

#--------------------Barbican Config----------------##
#Password for Mysql Barbican user. exmaple:000000
BARBICAN_DBPASS={{PASSWD}}

#Password for Keystore Barbican user. exmaple:000000
BARBICAN_PASS={{PASSWD}}

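(5). Render the variables
The variables being defined go into vars of the jinja2 role
When the playbook runs, its template module renders the Jinja2 template with the variables from vars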

[root@ansible ansible]# cat roles/jinja2/vars/main.yml 
controller_ip: 192.168.100.130
controller_name: controller
compute_ip: 192.168.100.129
compute_name: compute
PASSWD: '000000'
cinder_disk: sdb1
swift_disk: sdb2
network_segment_IP: 192.168.100.0
External_Network: ens33
Physical_NAME: provider
STORAGE_LOCAL_NET_IP: 192.168.100.129
[root@ansible ansible]# 

(6). Write and run the playbook

[root@ansible ansible]# cat jinja2.yml 
- hosts: all
  roles:
    - jinja2   
[root@ansible ansible]# ansible-playbook jinja2.yml 
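
The post does not show the jinja2 role's task file, and INTERFACE_IP is emitted only inside the if/elif block, so a host that matches neither branch ends up with no such line. The script below is an added example, not the author's code: it writes a task file for the role and checks a rendered openrc.sh. The destination /etc/xiandian/openrc.sh is taken from the cp command in step (2); mode 0600 and the list of required keys are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original post). Assumed: the rendered file is
# written back to /etc/xiandian/openrc.sh with mode 0600.

write_jinja2_task() {      # $1 = role directory, e.g. roles/jinja2
    mkdir -p "$1/tasks"
    cat > "$1/tasks/main.yml" <<'EOF'
- name: render openrc.sh from the template
  template:
    src: openrc.sh.j2
    dest: /etc/xiandian/openrc.sh
    owner: root
    group: root
    mode: '0600'
EOF
}

# Check a rendered openrc.sh. Prints each finding, returns non-zero if any.
check_openrc() {           # $1 = rendered file
    local f=$1 rc=0 key
    # 1. No Jinja2 marker may survive rendering.
    if grep -nE '[{][{%]' "$f"; then echo "unrendered template markers"; rc=1; fi
    # 2. Every KEY= line must carry a value.
    if grep -nE '^[A-Za-z_]+=[[:space:]]*$' "$f"; then echo "empty value"; rc=1; fi
    # 3. Keys the template fills from vars or from the if/elif block
    #    (subset chosen for this example).
    for key in HOST_IP HOST_IP_NODE INTERFACE_IP INTERFACE_NAME BLOCK_DISK OBJECT_DISK; do
        grep -qE "^${key}=." "$f" || { echo "missing: $key"; rc=1; }
    done
    # 4. The file holds every service password: no group/other access.
    case "$(stat -c %a "$f")" in
        *00) ;;
        *) echo "mode too open"; rc=1 ;;
    esac
    return "$rc"
}

# Usage on a managed node: pass the rendered file as the first argument.
if [ -n "${1:-}" ]; then check_openrc "$1"; fi
```
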

7. Run the xiandian scripts to complete the OpenStack installation

(1). Generate the required roles

[root@ansible ansible]# for i in {mariadb,keystone,glance,nova-controller,neutron-controller,dashboard,cinder-controller,swift-controller,heat,nova-compute,neutron-compute,cinder-compute,swift-compute};do ansible-galaxy init roles/$i ;done
- Role roles/mariadb was created successfully
- Role roles/keystone was created successfully
- Role roles/glance was created successfully
- Role roles/nova-controller was created successfully
- Role roles/neutron-controller was created successfully
- Role roles/dashboard was created successfully
- Role roles/cinder-controller was created successfully
- Role roles/swift-controller was created successfully
- Role roles/heat was created successfully
- Role roles/nova-compute was created successfully
- Role roles/neutron-compute was created successfully
- Role roles/cinder-compute was created successfully
- Role roles/swift-compute was created successfully
[root@ansible ansible]# 

Each role corresponds to the script task that carries its name

(2). Write the command for each role

controller

mariadb/tasks/main.yml
- name: install mysql
  shell: iaas-install-mysql.sh
keystone/tasks/main.yml
- name: install keystone
  shell: iaas-install-keystone.sh
glance/tasks/main.yml
- name: install glance
  shell: iaas-install-glance.sh
nova-controller/tasks/main.yml
- name: install nova-controller
  shell: iaas-install-nova-controller.sh
neutron-controller/tasks/main.yml
- name: install neutron-controller
  shell: iaas-install-neutron-controller.sh
dashboard/tasks/main.yml
- name: install dashboard
  shell: iaas-install-dashboard.sh
cinder-controller/tasks/main.yml
- name: install cinder-controller
  shell: iaas-install-cinder-controller.sh
swift-controller/tasks/main.yml
- name: install swift-controller
  shell: iaas-install-swift-controller.sh
heat/tasks/main.yml
- name: install heat
  shell: iaas-install-heat.sh

compute

nova-compute/tasks/main.yml
- name: install nova-compute
  shell: iaas-install-nova-compute.sh
neutron-compute/tasks/main.yml
- name: install neutron-compute
  shell: iaas-install-neutron-compute.sh
cinder-compute/tasks/main.yml
- name: install cinder-compute
  shell: iaas-install-cinder-compute.sh
swift-compute/tasks/main.yml
- name: install swift-compute
  shell: iaas-install-swift-compute.sh

(3). Playbook contents
[root@ansible ansible]# cat openstack_shell.yml

- hosts: controller
  remote_user: root
  pre_tasks:
      - name: init
        shell: iaas-pre-host.sh
  roles:
       - mariadb
       - keystone
       - glance
       - nova-controller
       - neutron-controller
       - dashboard
       - cinder-controller
       - swift-controller
       - heat

- hosts: compute
  remote_user: root
  pre_tasks:
     - name: init
       shell: iaas-pre-host.sh
  roles:
     - nova-compute
     - neutron-compute
     - cinder-compute
     - swift-compute

7. Merge the playbooks

[root@ansible ansible]# cat final.yml

- hosts: all
  tasks: 
        - name: cp iaas 
          copy: 
            src: /opt/chinaskills_cloud_iaas.iso  
            dest: /opt/
        - name: cp centos
          copy:
            src: /opt/CentOS-7-x86_64-DVD-1804.iso  
            dest: /opt/       # this step can replace the ansible command under heading 4


- hosts: all
  roles:
        - init
    
- hosts: all
  roles:
    - jinja2   

- hosts: controller
  remote_user: root
  pre_tasks:
    - name: init
      shell: iaas-pre-host.sh
  roles:
    - mariadb
    - keystone
    - glance
    - nova-controller
    - neutron-controller
    - dashboard
    - cinder-controller
    - swift-controller
    - heat

- hosts: compute
  remote_user: root
  pre_tasks:
    - name: init
      shell: iaas-pre-host.sh
  roles:
    - nova-compute
    - neutron-compute
    - cinder-compute
    - swift-compute

ansible-playbook final.yml
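At this point the one-click OpenStack deployment is complete

The managed nodes only need the hostname changed, networking configured, the password set to 000000, and passwordless login from ansible

8. Verification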

[root@compute ~]# systemctl status openstack* | grep active
  Active: active (running) since Thu 2022-04-14 04:49:24 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:11 EDT; 23min ago
  Active: active (running) since Thu 2022-04-14 04:49:24 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:22 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:23 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:23 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:24 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:23 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:22 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:22 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:22 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:18 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:24 EDT; 22min ago
  Active: active (running) since Thu 2022-04-14 04:49:23 EDT; 22min ago
[root@compute ~]# 

[root@controller ~]# systemctl status openstack* | grep active
Active: active (running) since Thu 2022-04-14 16:45:57 CST; 26min ago
Active: active (running) since Thu 2022-04-14 16:45:34 CST; 27min ago
Active: active (running) since Thu 2022-04-14 16:43:23 CST; 29min ago
Active: active (running) since Thu 2022-04-14 16:46:38 CST; 26min ago
Active: active (running) since Thu 2022-04-14 16:42:29 CST; 30min ago
Active: active (running) since Thu 2022-04-14 16:43:26 CST; 29min ago
Active: active (running) since Thu 2022-04-14 16:45:34 CST; 27min ago
Active: active (running) since Thu 2022-04-14 16:43:26 CST; 29min ago
Active: active (running) since Thu 2022-04-14 16:46:37 CST; 26min ago
Active: active (running) since Thu 2022-04-14 16:46:38 CST; 26min ago
Active: active (running) since Thu 2022-04-14 16:43:26 CST; 29min ago
Active: active (running) since Thu 2022-04-14 16:45:34 CST; 27min ago
Active: active (running) since Thu 2022-04-14 16:42:29 CST; 30min ago
[root@controller ~]# 

